IMCSO Releases Cybersecurity Assessment Methodology for Maritime Vessels

February 14, 2025

123

IMCSO introduced a new cybersecurity assessment methodology for maritime vessels.
Standardized testing will help vessels evaluate cyber risks and join the Cyber Risk Registry.
Assessments cover OT infrastructure, ensuring compliance and cyber readiness.

The International Maritime Cyber Security Organisation (IMCSO) has released a cybersecurity assessment methodology to help maritime vessels evaluate cyber risks and join its Cyber Risk Registry. The methodology provides standardized testing criteria for IMCSO-accredited cyber consultants and maritime personnel.

The framework defines the scope, language, and deliverables needed for operational technology (OT) security assessments. It aims to create consistency in testing navigation, propulsion, communication, safety, cargo handling, and other OT systems onboard ships. Assessments can be conducted at sea, onshore, or both.

Standardized Cybersecurity Practices

The methodology sets a legal and practical framework for cybersecurity assessments. It covers prerequisites like rules of engagement, authorization, scope of work, objectives, testing approach, and expected deliverables. A structured communication plan ensures clear reporting, while risk management and confidentiality protocols protect sensitive data.

IMCSO CEO Campbell Murray emphasized the lack of standardized cyber risk assessments in the maritime sector, stating that the methodology will set a precedent for measuring cybersecurity. It will also help shipowners assess OT suppliers systematically, reducing risks from supply chain attacks.

Cyber Risk Registry and Industry Impact

The results of cybersecurity assessments will be recorded in the Cyber Risk Registry, providing insights for stakeholders like port authorities, insurers, and industry associations. The registry will support the IMO, shipbuilders, and management companies in strengthening cyber resilience.

U.S. Coast Guard’s Upcoming Cybersecurity Regulations

The U.S. Coast Guard plans to publish a final rule setting minimum cybersecurity requirements for U.S.-flagged vessels and maritime facilities. This regulation will address emerging cyber threats and enhance security across the maritime sector.

Did you subscribe to our daily Newsletter?

It’s Free Click here to Subscribe!

Source: Industrial Cyber

IMCSO Releases Cybersecurity Assessment Methodology for Maritime Vessels

Standardized Cybersecurity Practices

Cyber Risk Registry and Industry Impact

U.S. Coast Guard’s Upcoming Cybersecurity Regulations

Lesson Learned

Lessons Learned: Fatal Fire Aboard Oil/Chemical Tanker

Lessons Learned: Crew Member Crush Injury

Lessons Learned: Pilots Refuse To Board Ships With Faulty AC

Fatal Injuries To Crew Member in the Steering Gear Room

Crew Member Injured During Semi-Trailer Loading in Salerno

Latest Articles

Cargo Vessel Floods After Hull Damage in Sea of Azov

India’s ONGC Seeks Partner for Ethane Tanker Business

San Marino Launches Training Course on Flag State Inspections

MSC World America Enters Final Preparations For Inaugural Season From Miami

AYK Energy Completes Installation Of World’s Largest Marine Batteries